Privacy-Respecting Intrusion Detection (eBook)
XX, 307 Seiten
Springer US (Verlag)
978-0-387-68254-9 (ISBN)
Effective response to misuse or abusive activity in IT systems requires the capability to detect and understand improper activity. Intrusion Detection Systems observe IT activity, record these observations in audit data, and analyze the collected audit data to detect misuse. Privacy-Respecting Intrusion Detection introduces the concept of technical purpose binding, which restricts the linkability of pseudonyms in audit data to the amount necessary for misuse detection. Also, it limits the recovery of personal data to pseudonyms involved in a detected misuse scenario. The book includes case studies demonstrating this theory, and solutions that are constructively validated by providing algorithms.
Computer and network security is an issue that has been studied for many years. The Ware Report, which was published in 1970, pointed out the need for c- puter security and highlighted the di?culties in evaluating a system to determine if it provided the necessary security for particular applications. The Anderson Report, published in 1972, was the outcome of an Air Force Planning Study whose intent was to de?ne the research and development paths required to make secure computers a reality in the USAF. A major contribution of this report was the de?nition of the reference monitor concept, which led to security kernel architectures. In the mid to late 1970s a number of systems were designed and implemented using a security kernel architecture. These systems were mostly sponsored by the defense establishment and were not in wide use. Fast forwarding to more recent times, the advent of the world-wide web, inexp- sive workstations for the o?ce and home, and high-speed connections has made it possible for most people to be connected. This access has greatly bene?ted society allowing users to do their banking, shopping, and research on the Int- net. Most every business, government agency, and public institution has a public facing web page that can be accessed by anyone anywhere on the Internet. - fortunately, society's increased dependency on networked software systems has also given easy access to the attackers, and the number of attacks is steadily increasing.
Contents 6
List of Figures 9
List of Tables 12
Foreword 13
Acknowledgements 16
Introduction and Background 17
1 Introduction 18
2 Authorizations 24
3 An Architectural Model for Secure Authorizations 28
4 Traditional Security Objectives 41
5 Personal Data Protection Objectives 45
6 The Challenge: Technical Enforcement of Multilateral Security 57
7 Pseudonyms – A Technical Point of View 61
8 An Architectural Model for Pseudonymous and Secure Authorizations 69
9 Comparing Architectures 78
10 Audit Data Pseudonymization 89
Set-based Approach 100
11 Requirements, Assumptions and Trust Model 101
12 Modeling Conditions for Technical Purpose Binding of Controlled Pseudonym Disclosure 106
13 Cryptographic Enforcement of Disclosure Conditions 112
14 The Mismatch Problem 117
15 Operational Pseudonymization and Pseudonym Disclosure 122
16 Extensions 129
Application to Unix Audit Data 141
17 Unix Audit Data 142
18 Syslog 146
19 Instantiating the Set-based Approach for Syslog- style Audit Data 151
20 Implementation: Pseudo/CoRe 163
Evaluation 172
21 APES: Anonymity and Privacy in Electronic Services 173
22 Evaluating the Design Using Basic Building Blocks for Anonymity 179
23 Evaluating the Performance of the Implementation 189
Refinement of Misuse Scenario Models 198
24 Motivating Model Refinements 199
25 Models of Misuse Scenarios 202
26 Pseudonymization Based on Serial Signature- Nets 228
27 Pseudonym Linkability 231
28 Pseudonym Disclosure 244
Summary 280
A Threshold Schemes for Cryptographic Secret Sharing 282
References 284
Index 300
| Erscheint lt. Verlag | 28.8.2007 |
|---|---|
| Reihe/Serie | Advances in Information Security |
| Zusatzinfo | XX, 307 p. 61 illus. |
| Verlagsort | New York |
| Sprache | englisch |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| Schlagworte | algorithms • Architecture • Computer Security • Datenschutz • Information • informational self-determination • Intrusion Detection • IT Security • Monitoring • Network Security • protection • security • SIGNATUR • Surveillance • UNIX |
| ISBN-10 | 0-387-68254-6 / 0387682546 |
| ISBN-13 | 978-0-387-68254-9 / 9780387682549 |
| Haben Sie eine Frage zum Produkt? |
PDF (Wasserzeichen)Größe: 4,7 MB
DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasserzeichen und ist damit für Sie personalisiert. Bei einer missbräuchlichen Weitergabe des eBooks an Dritte ist eine Rückverfolgung an die Quelle möglich.
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich
